Cellphone Wallets
We have discussed all the dangers of carrying and using a physical debit or credit card. Now, we can talk about cellphone wallet apps. Cellphone wallet apps, like Google Wallet, Samsung Wallet, and Apple Wallet, allow you to store your virtual credit card on your phone. You can use it by tapping your phone on the reader, like you would with a physical card.
You can store your credit cards, bank cards, or even membership and loyalty cards all within the app. All you need to do is pull out your phone. You then open the app (usually with a quick gesture or button press). Scan your thumb and you have paid for the product.
It is actually very quick, and if you are like most people, your cellphone is nearby and handy anyway. And I never leave the house without my cellphone, but I forget my wallet constantly.
How Cellphone Wallets Work
Cellphone wallet apps don’t store the credit or bank card number on the phone. They store it as what is called a random Token. The token is like a pretend card, but it is stored in a secure box on your phone. When you buy something, after authorizing it with your fingerprint, face, or a passcode, the secure box is opened. The wallet app sends the pretend card to the terminal. The terminal sends the pretend card to the bank to process the payment. And, only the bank knows what real account the pretend card is tied to. The credit card company or bank then authorizes the payment, and sends the payment info to the card reader to confirm the purchase.
What Makes Cellphone Wallets Safer?
Randomized Tokens – Cellphone Wallets are automatically secured in how they store the information. As mentioned earlier, they are stored as random tokens on the cellphone.
Encryption -All transaction data is encrypted so it can’t be decrypted by anybody except the bank and the terminal.
Biometric Authorization – You need to authorize the purchase, usually by thumbprint, but can also be by Face Scan or by entering a PIN. This means you have two-factor authentication enabled just to use the card. You can’t do that with a bank or credit card.
Device Lock In – transactions cannot be completed without the above authorization
No Card Present – there is no physical card to be skimmed, shimmed or stolen.
Risks Of Using A Cellphone Wallet
With anything these days, there is always some risk. But you can reduce those risks by implementing a few security practices.
Lock the device when not in use – Always have a lock screen where you have to enter a PIN or better yet, a thumbprint or face recognition for biometric security.
NFC Exploits – If your device is unlocked and active, a Near Field Communication (NFC) could intercept the transaction. The device would have to be very close to the device and under specific conditions. This is still considered theoretical at this point. This could change in the future as scammers adapt.
Malware and Spyware – if you have jailbroken or rooted your phone, that is it is not running the original Operating System (OS). Malicious apps could bypass some restrictions that are automatically in place by the authorized operating system (OS). The original OS would have been designed to securely use a Wallet application on your phone. It would have ensured that the data stored within it would be safe.
How to Protect Yourself
- Always use a strong passcode
- Enable biometric authentication on your phone
- Keep your phone’s software up to date
- Only install apps on your phone from the official app store
- Don’t jailbreak / root your phone
- Remote wipe your device if it is lost or stolen (Find My phone or Find My Device)
- Review your bank account statements regularly looking for anomalies
Cellphone wallets are safer than physical cards in many scenarios, but only if you follow good security habits. They have their risks but they are less than carrying and using a physical card.